Items tagged with security

Now that the dust has settled on a global ransomware outbreak that could have been much worse than it ended up being, we can all breathe a sigh of relieve. Meanwhile, security outfits are busy analyzing the outbreak to uncover as much information as possible about the threat known as WannaCry. According to Symantec's investigation into things, WannaCry has "strong links to Lazarus," which is the same group that attacked Sony Pictures and made off with $81 million from the Bangladesh Central Bank. Symantec says that before the recent outbreak occurred, a near identical version of WannaCry was used... Read more...
The Wanna Decrypter ransomware that began floating around the Internet late last week, or WannCry as it's commonly known, has made a lasting impact, with hundreds of thousands of PCs worldwide being affected. What the malware does is even more alarming: one minute, you're using your computer normally; the next, your data is locked away behind a key unless you fork over hundreds of dollars in ransom money. As has become typical of ransomware, WannaCry will demand payment via Bitcoin in order to recover the data the attackers locked down. Once payment is received, an encryption key is typically (but... Read more...
We took part in an interesting demo this week that was both eye-opening and somewhat alarming. We met with representatives from Synaptics to discuss what we thought would be its latest sensor technology or HCI device, but were treated to a real-world hacking display that would leave most people slack-jawed. Why, you ask? Because in only a few minutes, an image of my fingerprint had been stolen and duplicated, and it was used to gain access to my smartphone (and a demo notebook), but it could have just as easily been a personal / corporate laptop or any other device with a fingerprint sensor.It... Read more...
The Internet community was able to breathe a temporary sigh of relief after a 22-year-old security researcher accidentally discovered a way to thwart WannaCrypt, a fast-spreading strain of malware that was stolen from the National Security Agency. After reaching tens of thousands of systems in over 70 countries within the first few hours, WannaCrypt was stopped dead in its tracks. Also known as WannaCry, WCry, and by a handful of other designations, the unprecedented ransomware attack was particularly bothersome for hospitals in the UK. Many of them shut down and turned patients away. In some cases,... Read more...
Last fall, we reported on a somewhat humorous report of a mere "reply all" email that managed to bring down email servers of the UK's National Health Service.  Unfortunately, we have something a bit more severe to report on today: an all-out cyberattack against the NHS. At some point today, doctors at NHS had to begin turning away patients as a ransomware attack that affected NHS' most important servers reared its ugly head. Doctors and staff were immediately locked out of their computers, essentially meaning that patient data could not be accessed. Queen Elizabeth Hospital in Birmingham;... Read more...
A vulnerability researcher at Google is giving props to Microsoft for issuing a quick fix to what he described as a "crazy bad" remote code exploit in the company's malware protection engine. He also said it was the worst of its kind in recent memory, and that is because prior to the patch, a remote attacker could gain full control of a PC simply by sending a malicious email. The recipient needn't even open the communication for this nasty zero-day bug to work. "The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially... Read more...
Intel last week finally got around to plugging a security hole that existed for decades affecting platforms with Active Management Technology (AMT), Intel Standard Manageability (ISM), and Small Business Technology (SBT). Consumer systems were untouched by this bug, but otherwise systems dating all the way back to Nehalem (2008) were potentially at risk. As it turns out, the flaw was more serious than initially thought. First, the good news. Intel says it has implemented and validated a firmware update to address the problem and is collaborating with computer makers to roll it out quickly and smoothly.... Read more...
Some things are better late than never, right? Chicago Cubs fans who watched their team win the World Series last year can certainly attest to that, but it does not only apply to sports. Case in point, Intel has finally plugged a security hole that affects every Intel platform with Active Management Technology (AMT), Intel Standard Manageability (ISM), and Small Business Technology (SBT) from Nehalem in 2008 on up to present day Kaby Lake. The good news here is that Intel-based consumer PCs are completely unaffected by this bug. However, business customers who own PCs with vPro processors often... Read more...
Windows 95 is alive and well in the United States Pentagon. Daryl Haegley, program manager for the Office of the Assistant Secretary of Defense for Energy, Installations and Environment reported at an event hosted by OSIsoft that 75% of the Department of Defense computers Windows XP or older (including Windows 98 and even Windows 95). This information was gathered from fifteen different defense sites within the United States.Image from: Wikimedia Commons, David B. GleasonMicrosoft ended support for Windows XP in 2014, but the Pentagon currently pays Microsoft to continue providing support... Read more...
We can't seem to go a single week without news of a severe vulnerability out there in the wild, and it looks like our streak isn't about to end. Not too long ago, a number of NSA-derived tools were released online, giving us an idea of how desperate the folks at one of the US government's leading intelligence agencies are to get inside targeted PCs. Now, we have to hope that IT managers and system owners alike take updating their OS seriously. This particular family of NSA exploits are being dubbed "DoublePulsar", and they're severe enough to warrant immediate attention to your Windows PCs. Last... Read more...
In 2013, security research firm DefenseCode revealed a major issue that plagued a large number of wireless routers, and because the number of affected devices was in the millions, the company held off on revealing the specifics. Fast-forward four years to the present day, and those details have finally been revealed. The vulnerability was originally found in a Cisco Linksys router, but it was quickly discovered that the same issue could be found on others - not just other Cisco models, but other vendor models as well. That led the researcher to discover that the issue ultimately related to the... Read more...
If you're using Google's Chrome browser as your primary vehicle to surf the web, you may want to think about temporarily parking it and puttering around in something else. That's because the most recent version of Chrome is vulnerable to a devious phishing attack, one that is capable of spoofing a legitimate website in the address bar so that you could be tricked into forking over your login credentials and other sensitive data. This particular variant uses unicode to register domains that look exactly the same as real domains. However, these fake domains can be used for malicious purposes, such... Read more...
In less than a month from now Microsoft will stop dishing out security updates for the original version of Windows 10 (build 1507) that was released back in July 2015. Microsoft had actually planned to stop supporting Windows 10 Version 1507 on March 26, 2017, but later decided to push back its end of servicing date to May 9, 2017, giving users some additional time to update. That date happens to be the second Tuesday of May, otherwise known as Patch Tuesday, which is when Microsoft rolls up a bunch of security fixes and patches into a single update. It will be the last Patch Tuesday available... Read more...
Microsoft made headlines early last year when it announced that users of Intel Skylake (and newer) processors, would need to run Windows 10, as support would be dropped on older versions of Windows. After that initial announcement, there wasn't much additional news related to the story. That is until last fall, when Redmond's most notable company told us that it was backtracking on the idea. That was a relief to many users, but unfortunately, it was only a temporary one. It didn't take long for another issue to arise, when it was revealed that those restrictions would go into effect with Intel's... Read more...
1 2 3 4 5 Next ... Last